How Implementing an ITAM/SAM Program Is Like Playing Pokémon GO

IMG_3165Implementing an effective ITAM/SAM program isn’t any more difficult than trying to locate and catch a Snorlax or evolve into a Vileplume in Pokémon GO, though many organizations feel that it is too complex, too difficult and too resource intensive.

Additionally, many organizations experience only one or two software license audits a year, they don’t feel it justifies the cost of an ITAM/SAM tool or building a disciplined program.

  • Investing in an ITAM/SAM tool is similar to working out at a Pokémon gym.

If one of the goals of Pokémon is to own a gym that will lead to an increase in your stash of gold coins, then you need a group of team members with different strengths (e.g., psychic, fire, water) to help you defend it.

Similarly, the more work you do around ITAM/SAM process, policy, and governance, the more effective your program will be. Having a diverse team with strengths in contracts, licensing, capacity and demand management, and data analytics will help your organization easily defend against threats to the IT budget in the form of an audit, asset lifecycle or security.

  • Improve the combat power of your ITAM/SAM team.

Taking over a Pokémon gym by defeating another team isn’t easy if that team has many defenders with high levels of combat power.

To improve the combat power of your ITAM/SAM team, you must ensure that your tools are robust and can help the broader IT team, rather than staying siloed in ITAM/SAM. Integrations into other key data sources are essential in order to reduce the amount of manual data entry necessary to ensure the data is current.

Training your team members provides them with the necessary skills to solve problems. Having the skillset necessary to move from a reactive to a proactive position is essential. Metrics that focus on tactical and strategic problems will identify opportunities for savings. An example of a tactical metric is asset inventory accuracy and a strategic metric is capex vs. opex asset spending.

  • An effective ITAM/SAM program/tool is like owning a Pokémon gym.

Overbuying software licenses is a hedge against an audit, but an effective ITAM/SAM program doesn’t need hedges. It’s akin to “owning” a Pokémon gym and having your fellow team members acting as defenders. Everyone on the team benefits because they get more PokéCoins every 21 hours.

In the ITAM/SAM world, the “defenders” come in many forms, but the most useful ones are accurate data reports about what is being deployed, purchased, and actively used in your environment. And the PokéCoins you accrue are the facts and details needed to respond to an audit request. This frees up time that can be spent on higher-level, strategic tasks that add value to the business.

  • Earning PokéCoins is like saving money on your IT budget.

The PokéCoins earned can be redeemed for other purchases later, just as the savings gained by optimizing deployed and purchased software can benefit the IT budget. These hard-dollar savings from risk and cost avoidance can then be allocated later to new technology investments, thereby benefiting other IT domains or supporting the business that has a constrained budget.

Increasing your ITAM/SAM prestige by strengthening the resilience of your program means you can plan for an audit without wasting time or overestimating your budget.

  • The physical health benefits of catching Pokémon are similar to implementing a healthy ITAM/SAM program.

Similar to the health benefits achieved by walking or running to get a lucky egg to hatch in Pokémon, ITAM/SAM programs help you control application proliferation and manage lifecycles to prevent the build up of technical debt. Usually, the more time that is required to hatch an egg, the more rare and powerful the Pokémon is likely to be.

While monitoring legacy applications and reducing the number of overlapping applications takes time over the long-term, the benefits to your program are also greater.

Standardizing applications, consolidating vendors, reducing maintenance on unused applications, measure vendor performance, and renegotiating contract clauses when the vendor repackages your applications are all opportunities to improve the health of your ITAM/SAM program and evolve to higher levels of maturity. These are not short-term tasks but require investment to achieve the benefits.

Having an ITAM/SAM program isn’t the latest cool bandwagon to jump on, but rather a discipline that enables the business to be more agile and flexible. Evolving your ITAM/SAM program to include IT service management, security, cloud, and IoT, is akin to building up your Pokédex.

InfoTech-blogbanner

What ITAM Insider Really Thinks About the MEGABYTE Act of 2016

The MEGABYTE Act of 2016 inspired us to interview ITAM professional, Todd Labrum, to get his insights on the bill.

Here are the questions and answers.

1. What are your thoughts on the bill?

My initial thoughts were in regards to the wasteful spending that must be going on in the government for them to pass a bill enforcing the implementation of an ITAM program. It’s got to be pretty bad.

The good thing is that the government is taking it seriously enough to enforce action. I can’t wait to see what each agency does in response to this bill. It would be nice to see some tax breaks come about because of this bill and who wouldn’t want that?

2. Why is ITAM/ITSM so important for government agencies?

The question should really be why is ITAM/ITSM so important for any organization. It’s great to see that the government takes ITAM seriously enough that they’ve passed a bill mandating all executive agencies to implement an ITAM program.

This is important for every single taxpayer in the country because it means a reduction in tax dollar waste. Agencies can no longer go on purchasing software licenses at will. They will have to report on every single license purchased, who it’s been allocated to, and how it’s being used.

By implementing an ITAM program, it will become very clear which agencies aren’t spending tax dollars judiciously

3. What kind of cost savings do you think they can expect?

I think they could expect a cost savings of up to 30 percent within the first year. Subsequent years could be around five to 15 percent.

4. What does this bill mean for the future of government IT security?

Think of this. For those of you who have kids, do you care what they do on the internet or the computer? Do you care what software they download and use? Do you care about their use of torrent sites?  f the answer is no, then I don’t know what to say except I hope you’re lucky.

This bill means that the government will have to track the purchase, installment, and use of each software title in their environment. This knowledge and awareness will reduce the risk of confidential information from getting into the wrong hands.

We’ve seen in the past that the government has been lax on these standards and classified information has found its way into the public. This is something that I’m not too happy about, but it could happen to anyone and it does.  But that does not mean that we can’t make it better and the government is taking the right step by passing this bill.

5. Should an ITAM solution be required for more companies?

Personally, I believe that if companies don’t implement a solution, they’ll soon find themselves out of business. Competition is pretty fierce these days, and any way to save on cost is a great way to stay ahead.

Beyond that, staying in compliance with your software also means less risk of being fined or audited. Depending on the size of the company, they could be paying millions of dollars for audits and fines for not being in compliance with the software they use.

In summary

Everyone needs to take this seriously and step up to the plate. The better we manage our assets the more money we have in our pockets. That goes for both individuals and organizations.

Check out why LANDESK won Info-Tech‘s ITAM Champion award by clicking the free report below!

InfoTech-blogbanner

MEGABYTE Act Q&A With ITAM Specialist

Abstract digitally generated imageThe recent MEGABYTE Act of 2016 inspired us to sit down with ITAM expert, Jason Christensen, to get a better understanding of the impact of this bill.

Here is what he had to say.

1. What are your thoughts on the bill?

I feel that IT asset management (ITAM) should be a priority for government agencies. Not only a priority for the government but for most organizations. To control financial and security risk, proper ITAM solutions need to be in place.

2. Why is ITAM/ITSM so important for government agencies?

Government agencies spend an estimated six billion dollars every year on software.

Having controls in place to regulate the consumption and use of these licenses can be a huge source of ROI. ITAM is all about creating processes and policies to help optimize assets and make them work harder for you.

3. What kind of cost savings do you think they can expect?

It has been estimated that the Department of Homeland Security alone saved $181 million in software licensing in one recent year by implementing ITAM best practices.

It was also estimated that more than one billion dollars could be saved per year if all government agencies got on board. There is no doubt that tracking your software will curb IT spend.

By tracking software usage, government agencies can gain visibility needed for accurate purchasing, enable them with contract negotiation, and reduce non-compliance. Tracking usage will also allow the government to reclaim software licenses not in use saving valuable resources.

4. What does this bill mean for the future of government IT security?

You might not realize it at first, but your IT asset management strategy could be your best data security resource. Tracking the lifecycle of you hardware and software from purchase through allocation and usage and eventually to disposal ensures your assets are secure.

Like any security expert knows, you can only secure the assets you know about. Government agencies would see the same benefits any organization would see with security when it comes to implementing an ITAM solution. Having visibility into what assets they have, where they are, and how they are performing can tell you a lot about the security status.

5. Should an ITAM solution be required for more companies?

Why or why not? Yes, ITAM should definitely be implemented by more organizations. There is proof positive that tracking your assets works to reduce IT spend and increase the security of your assets.

In summary

Legislation is becoming more critical to ITAM strategies. As we see more regulations put in place, organizations need to be aware that they need to maintain compliance.

Not only do these laws secure the government and other organizations from financial and security risk, they also protect taxpayer’s money and sensitive information from mishandling.

Check out why LANDESK won Info-Tech‘s ITAM Champion award by clicking the free report below!

InfoTech-blogbanner

Evangelist Matt Hooper Dishes on the Most Valuable Takeaways From ITx2016

Untitled-1Every year, digital tech companies take time out of their busy schedules to participate in New Zealand’s world-renowned ITx event.

Comprised of twelve tech-focused conferences, ITx attracts top-notch thought leaders, innovators, and experts in the industry.

This year, our product evangelist Matt Hooper presented on two topics facing tech companies today: the role of ITSM in 2020 and integrating ITIL with Agile and DevOps.

We recently sat down with him to get his insights from this year’s ITx. Here’s what he had to say.

1. What were three big takeaways for you from ITx this year?

The ITX event in New Zealand is a big event with lots of tracks and a diverse set of amazing speakers.

The three main takeaways for me this year were, for the most part, a validation of things I had already suspected.

1. IT, as we know it, is going to completely change. 

Listening to speakers talk about rapid change, innovation, and the focus on moving from a process-centric organization to a risk-based organization confirmed my feelings that DevOps is more than just a buzzword. IT organizations need to build structure to support rapid change.

2. DevOps is not the answer, but it’s a step in the right direction.

During the talks from both Rob England (@theitskeptic) and Mark Smalley (@marksmalley), my belief was reinforced that the DevOps movement is only the beginning of the new paradigm in which enterprises will operate their IT.

Despite the many improvements DevOps practices are bringing to the industry, there are still gaping holes in the long term effects of development supporting production, lightweight logging of changes, and scaling feedback loops.

3. Shifting from a command mindset to manageable risk mindset.

Going from a traditional command and control mindset to a manageable risk mindset will require a lot more education to the marketplace. Despite the excitement, many ITSM professionals are struggling with how ITIL can be adapted to DevOps, which, frankly, is the wrong question.

2. You attend a lot of events and talk to a lot of customers. What are the biggest trends in ITSM right now?

I do. I’ve hit PINK16, itSMF Sweden, HDI16, Beyond2016, Palmer, Interchange16, SITS16… and it’s only August!

Three hot trends right now are:

  • DevOps
  • BRM (Business Relationship Management)
  • Security

Some interesting sub-trends involve new frameworks like IT4IT, a comprehensive operational framework for operating IT infrastructure, as opposed to the ITIL framework which focuses on delivering sustainable IT services.

ITSM has always been about how IT gets work done. The disruption in traditional ITSM thinking is that IT is no longer a single department, but a competency that exists across a business.

More and more departments are owning their own IT function. Thus, the role of BRM, security, and other ITSM disciplines are forcing governance models to change their focus from IT to business.

In other words, business managers no longer see IT services as an internal function. IT has become so imperative to business operation that business services and IT services are seen as equals.

3. Which way are the industry winds blowing?

The winds are blowing toward security management. It is impossible to have a meeting, a conversation, or a project that does not incorporate security reviews and approvals.

What’s interesting, though, is the current emphasis on speed. Usually the winds of security blow in the exact opposite direction of speed, to the point where it can sometimes seem like IT isn’t moving anywhere fast enough or securely enough.

This can pose a real challenge to staff to keep up morale when trying to balance innovation with operational excellence.

4. Why should IT departments consider changing their ITSM solution?

Most ITSM solutions were originally designed around managing workload queues, and when IT was a single department focused on IT services, this satisfied most business requirements.

But in today’s digital economy, IT services are now critical business services. We have layers of IT suppliers and service providers, and we critically need transparency and automation to push through the conundrum of security and speed.

Unfortunately, traditional ITSM solutions don’t cut it.

We need solutions that are more comprehensive. They need to support design and configuration for complex workflow, based on contextual data, events, and risk. With the increasing demand on IT analysts and managers, the ITSM tools also need to be leveraged for better decision-making, so they have to be constantly available and easy to utilize.

Many ITSM solutions also fail to deliver a great user experience. They don’t offer mobile capabilities or provide highly visual dashboards.

5. What does ITSM in 2020 look like?

2020 isn’t that far away, and for most companies, ITSM will continue as it is today. Fixing things that break and reacting to changes that were not managed well will continue to be a daily routine. However, progressive organizations today are setting new benchmarks of performance and operational excellence that will force lagging organizations to rethink their IT disciplines.

DevOps will continue to refine itself into “best practice” framework. As more and more “how-to’s” are documented and validated by the industry, standards will evolve around full lifecycle management of IT services.

We will also see a major push to fill the skills gap that exists in IT asset management. As requirements for increased security and durability of IT assets and suppliers continue to add up, more and more analytics and real-time reporting will be required.

How to track the value and risk of IT assets is such a huge gap in our current ITSM guidance, that organizations like the OpenGroup are hoping to fill with guidance such as IT4IT.

So ITSM professionals today will do well to learn more about Lean IT, Agile, Feedback Loops, and Software Defined Infrastructure. These areas are disrupting traditional ITIL thinking, and will require new skills, new processes, and new tools to support business IT in 2020.

Learn why LANDESK was named Info-Tech’s Champion in their 2016 ITAM Vendor Landscape Report!

InfoTech-blogbanner

ITAM Expert Talks Trends, the Future of ITxM, and Sherlock Holmes

In case you haven’t heard, LANDESK was recently named Champion in the IT Asset Management Vendor Landscape Report by the Info-Tech Research Group. (Read the free report below.)

“LANDESK offers the most comprehensive IT and software asset management software out there,” said CEO, Steve Daly, “and we love that prominent influencers are pointing IT and finance leaders our way.”

We sat down with ITAM Product Manager Todd Labrum to get his thoughts on the report.

1. Talk about the Info-Tech report. What are the big takeaways for you?

The biggest takeaway for me is the number of great companies in the ITAM market.

As a product manager, I’m always looking at my competition and how we compare. I’m excited to see that Info-Tech has placed us in the Champion quadrant as it illustrates that our development efforts and strategy are paying off. I would like to say to all competitors in this report and market to watch out! There’s a lot more coming!

2. You go to a lot of events and talk to a lot of customers. What are the biggest trends in ITAM right now? Which way are the industry winds blowing?

I see three major trends in ITAM right now:

1. Organizations are wanting to know what assets they have and where they are, especially when it comes to the data center. This is in part caused by major data center publishers auditing customers to see if they’re using their software correctly.

2. Another trend is dependency mapping and what-if analysis of your assets. The key reason for this trend is that organizations are looking for help with budget forecasting, impact analysis, license optimization, and risk management. Organizations are looking for ways to optimize their assets and plan for the future, and it needs to be easy.

3. Automation, automation, automation. With so many different systems, applications, processes, departments, etc., automation tools are important to streamline corporate processes.

For example, wouldn’t it be nice to have a process that automatically orders a new laptop or software license from your reseller when you run out of stock and requests for these assets are coming in? Or how about a process to help with employee off-boarding? Do you know what assets they have and where they are? Automating these processes will ensure you’re on top of your assets.

3. Why should IT departments consider an ITAM solution right now?

Who wouldn’t?! There’s so much going on in an organization’s IT network, that you need to have the answers to the following questions: what assets do you have, where are they, who’s using them, and what risks do they impose?

Show me one IT department that can answer all these questions without an ITAM solution, and I’m not just talking about a tool. A great ITAM solution is comprised of policies, processes, education, compliance, and much much more. An ITAM tool should help support you in all these areas and ensure all your assets are under control.

4. We talk a lot about ITxM. What does that mean?

ITxM is the concept of blending IT Service Management and IT Asset Management. Now before you think we’re talking about having one solution for both disciplines, it’s not. Each discipline has its own purpose and goals and you shouldn’t venture off building one solution to rule them all.

However, there is value to having both tightly integrated, even going as far as to consolidate the CMDB and asset repository into the same database. That’s the route we’re taking at LANDESK, but we are also making sure to keep both solutions separate.

5. On a different note, what is your favorite movie?

This is the toughest question of them all. It’s Sherlock Holmes with Robert Downey Jr., hands down. Intense action, awesome cast, and there’s nothing like a great mystery with a bit of humor.

Be sure to check out why LANDESK was named Info-Tech’s Champion by downloading our free report below!

InfoTech-blogbanner

MEGABYTE Act Recommendations for CIOs (Part 2 of 2)

Flat Office DeskIn MEGABYTE Act Recommendations for CIOs (Part 1 of 2) of this blog series, we looked at the first three of six requirements that the MEGABYTE Act of 2016 recently put into place. We then gave our recommendations for how CIOs can achieve compliance by next year.

Here, we’ll continue with requirements four, five, and six, and give our recommendations for each one.

4. Provide training relevant to software license management

Software license management as a discipline has been growing in importance in private sector organizations for many years, and there are a number of organizations that offer training on processes, policies, metrics, business management and security requirements to fulfill demand.

The most well-known software asset management certification course is offered by the International Association of IT Asset Managers (IAITAM).

Be aware that there is a well-documented ITAM/SAM skills shortage in the marketplace, so plan for extended timeframes if recruiting from outside the agency.

RecommendationCIOs should evaluate staff to determine if existing employees have the skillsets needed to fulfill on this new law.

This will require people who understand not only tools, but also procurement/sourcing, contracts, project and portfolio management, vendor management, performance scorecards, and enterprise architecture. All of these areas will provide feedback into software savings opportunities and lifecycle planning.

5. Establish goals and objectives for the agency software license management program

Goals and objectives that include critical success factors (CSF) and key performance indicators (KPI) are essential to designing an effective software license management program.

For example, a KPI would be the ability to respond to a software vendor audit in 30 days. A CSF would be the ability to provide a monthly or quarterly report that demonstrates compliance with the legislation.

Metrics that support these goals and objectives will disclose whether or not they are successful or failing. Time- and cost-based metrics will uncover opportunities for continuous improvement, but these need to be aligned with agency goals.

Recommendation: CIOs should evaluate existing metrics and the processes they support to determine if they are capable of supporting effective software license management. If the existing metrics aren’t comprehensive or are non-existent, a baseline inventory of the environment will be needed to create a starting point for the metrics.

6. Consider the software license management lifecycle phases

These phases include requisition, reception, deployment and maintenance, retirement, and disposal. They help with implementing effective decision making, as well as incorporating existing standards, processes, and metrics.

With the key stages of the asset lifecycle outlined in the legislation, building best practice processes, policies and metrics around each of these stages will be the priority.

The longest part of the lifecycle is the deployment and maintenance stage, so that is where the most change will be happening to the software.

Software patches, upgrades, and new releases will happen over the usable life of the software, which could be anywhere from three, five, seven, ten years or longer for ERP or highly specialized applications.

Processes and metrics need to reflect the unique characteristics of each agency and not just the generic templates leveraged from the private sector. Budgets, mission, and use of outside contractors and staffing are just a few areas that will require agency-specific process design.

LANDESK offers an ITAM/SAM attainment workshop to help customers assess their current process, policy, and governance maturity. The workshop also uncovers where the holes exist in their current program and the areas where they are currently doing well.

Recommendation: CIOs should develop processes and metrics that reflect the unique characteristics of their agency and not rely on generic templates leveraged from the private sector.

With other mandates already in place around purchasing and disposal, CIOs should place focus on the process of managing the software license entitlement and ensure that they are in compliance with software contracts.

In summary

The potential savings from an effective ITAM/SAM program, in a government agency that already has some best practices in place, could still be up to 20 percent of the management costs associated with the various assets in the first year of implementation. I’ve often see ITAM/SAM programs generate enough savings to be self-funded and have funds freed up to be allocated back to technology investment.

With the proper processes, policies, and people in place, CIOs should have no problem reporting their cost savings and risk avoidance from improved software license management practices on a regular basis.

Side note: While the MEGABYTE legislation does not apply to state and local government, there are 28 representatives from states that co-sponsored this legislation. CIOs of these states (and others) should consider how they would approach getting a handle on their software licenses and what kinds of savings those might represent to their organizations.

Be sure to check out why LANDESK was named Info-Tech’s Champion by downloading our free report below!

InfoTech-blogbanner

 

 

 

 

MEGABYTE Act Recommendations for CIOs (Part 1 of 2)

In light of the recent news that the MEGABYTE Act of 2016 was signed into law, we wanted to outline the law’s new requirements for CIO agencies, as well as provide our own recommendations for CIOs to achieve compliance by 2017.

In this post, we’ll take a look at the first three of six requirements.

1. Establish a comprehensive inventory

This includes 80 percent of software license spending and enterprise licenses in the agency. It is done by identifying and collecting information about software license agreements using automated discovery and inventory tools.

There is no reason why a CIO couldn’t achieve a discovery rate of 97-100 percent of all enterprise and infrastructure software installed on all endpoints and servers, including custom-developed software that is attached to the network.

Outperforming the 80 percent requirement to discover all software is not impossible.

Understanding what is running in your environment is the first step to not only managing but also ensuring that the applications meet security guidelines. Using either an agent installed on the endpoint or an agentless discovery tool that scans by IP range, it is possible to discover and build a definitive knowledge base of all known, approved applications. The data from these tools can then maintain a software asset catalog or a whitelist of approved applications.

Ideally, this discovery tool should use an agent so that it can monitor software usage. Software usage without an agent is only a point-in-time snapshot of what is running on the endpoint when the scan runs, and not daily usage monitoring. Usage monitoring on server software is not recommended because it may lead to network performance overload.

RecommendationCIOs should ensure that they have an agent-based discovery tool that can discover all device types–mobile, workstation and server–that can also monitor software usage.

2. Regularly track and maintain software licenses

This will assist the agency with implementing decisions throughout the software license management lifecycle.

With constant monitoring of the software license lifecycle, decisions about when to adopt new versions or upgrade operating systems are much easier to make.

Knowing the TCO and the costs associated with lifecycle decisions will provide the visibility needed to assess and model a decision on factors that go beyond purchase price.

Tracking and maintaining the software lifecycle can also directly solve a problem that has plagued the government agencies–legacy applications that cost a lot to maintain when vendor support is no longer available.

We’ve seen legacy operating systems that reached end-of-life a decade ago, still being used even though there is no valid business need for it. IT transformation efforts are often bogged down because the costs to update outdated applications is often prohibitive, even for the government.

Recommendation: CIOs should begin by getting a baseline report of all installed software and its associated lifecycle. If old versions of applications are discovered and newer instances are available, determine whether an upgrade should occur and if it is covered under maintenance.

3. Analyze software usage and other data to make cost-effective decisions

Most organizations monitor software application usage on a quarterly basis to detect which applications a user has opened and closed.

If a user hasn’t launched an application within the past 90 days, there is a good chance that they don’t need the application, unless it is an application that is only utilized during specific projects or year-end timeframes.

If software is not being fully utilized, it can be reclaimed from the endpoint and redeployed to fulfill another user’s request for that same application.

If there isn’t demand for that application and there are a large number of unused licenses, the agency should consider renegotiating that contract and discontinue maintenance on those applications.

In addition, effective software usage monitoring could potentially uncover that an enterprise agreement is not a cost-effective licensing alternative because employees are not utilizing what is installed on their endpoints.

On the server side, it might indicate that there are expensive applications with overlapping functionality that are only being partially used and the least used ones could be discontinued. In the “other data” category, a history of furloughs or staff layoffs and retirement could be used when forecasting software demand and server capacity requirements.

RecommendationCIOs should evaluate their existing discovery tools and if it has software usage capabilities, ensure that is implemented.

In many cases, inventory planners may not be aware of the functionality or may not have it fully deployed. Knowing the level of detail (e.g., app open/close or keystroke activity) that is needed for software usage monitoring is imperative.

InfoTech-blogbanner

4 Questions With ITAM Insider & Why You Need an ITAM Solution Right Now

Info-Tech-Champion-CircleIn light of LANDESK recently being named Champion by the Info-Tech Research Group in the IT Asset Management Vendor Landscape Report (check out the report below!), we spoke with ITAM Product Marketing Manager Jason Christensen to get a better understanding of ITAM and what it means for business today.

1. What are the big takeaways for you from the ITAM report?

Two big takeaways from the Info-Tech Vendor Landscape report are, first, LANDESK’s positioning in the quadrant. All vendors were scored and placed as a market pillar, emerging player, innovator, or champion. LANDESK was placed in the Champion quadrant as a leading vendor with a leading product.

This shows LANDESK’s dedication to the ITAM market in providing excellent products at a great value, as well as depicting a strong market presence.

The second takeaway that stands out to me are the features evaluated in the report. These features represent a strong ITAM vendor that can deliver on what customers want and need.

LANDESK checked all of the boxes, whereas all other vendors lacked in several areas. This shows LANDESK’s breadth of capabilities.

2. Which way are the ITAM winds blowing right now? What are the trends?

When talking to customers, you get a glimpse into the biggest trends. Some that I have seen revolve around managing your assets in the cloud. As more software is moving to the cloud, organizations are looking for ways to track licenses and gain visibility into usage data.

Using ITAM for security purposes is also another trend I have been seeing. Knowing what assets you have and where they are can prevent substantial security risk.

When done right, ITAM reduces theft and loss and lowers the threat of malware from pirated software.

3. Why should IT departments consider an ITAM solution right now?

Understanding what assets you have, where they are, and how they are performing is critical for any organization. ITAM ensures your contract, license, and financial data is managed properly, saving you time and money.

In addition, tracking your hardware and software assets helps you get and stay compliant.

Software audits are on the rise. Organizations need to avoid the risks of non-compliance, not only from a financial aspect but also from a security aspect. Unsanctioned software licenses can introduce malware along with a slew of other security threats.

4. What is ITxM?

ITXM encompasses both asset management and service management. We have created the concept of ITxM because there of the variety of roles and responsibilities that crossover between the two disciplines.

For example, both incorporate request and change management. This pushes businesses to bring different sectors of the IT organization together to develop one cohesive strategy.

Be sure to check out the full report below!

InfoTech-blogbanner

It’s Official: New MEGABYTE Act Becomes Law and It’s Going to Save Money

megabyte actOn July 29, 2016, the MEGABYTE Act of 2016 was signed into law.

Last Friday, Public Law No: 114-210 m, also known as the Making Electronic Government Accountable By Yielding Tangible Efficiencies Act of 2016 or the MEGABYTE Act of 2016, was officially signed into law.

This new legislation directly affects all U.S. government agencies and follows on earlier legislation that has gone into effect over the past two to three years.

Why the MEGABYTE Act Is Different

Although complementary, the MEGABYTE Act differs from previous legislations such as The Federal Information Technology Acquisition Reform Act (FITARA), the National Defense Authorization Act for Fiscal Year 2015 (NDAA FY 2015), and the Office of Management and Budget (OMB) Guidelines.

While FITARA and NDAA FY2 015 focus on IT issues related to staffing, coordinated purchasing, IT hardware inventory, and other areas, the MEGABYTE Act lays out what agencies are expected to document and report.

This documentation and reporting deals specifically with IT software license savings that can be achieved with better visibility and efficiencies.

The full MEGABYTE Act of 2016 text can be found here.

Sponsored by the Committee on Oversight and Government Reform and the U.S. Senate Committee on Homeland Security & Governmental Affairs, the MEGABYTE law requires that government CIOs “of each executive agency must report to the OMB, beginning in the first fiscal year after this Act’s enactment and in each of the following five fiscal years, on the savings from improved software license management.”

The specific requirements that are laid out for agency CIOs are great steps to getting a handle on what software is installed within the agency.

MEGABYTE Act Cost Savings

In my 21 years’ experience as a Gartner Research Director advising public and private sector on IT and software asset management (SAM) programs, I’ve found that an organization without any best practices in place could yield savings of up to 30 percent in cost avoidance and savings in the first year.

Savings will decline in subsequent years as the environment is tightly managed, but the increased visibility will continue to reap savings in other IT domains.

However, OMB and GAO already have best practices in place. They have centrally negotiated contracts and pricing—not to mention a culture that adheres to policies—which will be a huge advantage as agencies begin to move into compliance with this law.

In my professional opinion, I would expect the government could save anywhere from three to five percent by monitoring the installation and usage of software, and up to 20 percent by implementing a complete ITAM/SAM program.

When you consider that OMB reported that government agencies spent $9 billion in 2015 on new software licenses, the savings from software usage monitoring and reallocation of software could be significantly more than $450 million in the first year of this five-year legislation.

LANDESK is no stranger to the importance of ITAM/SAM solutions. Learn why LANDESK was named ITAM Champion by Info-Tech this year!

InfoTech-blogbanner

The Surprising Way Choosing a Discovery Tool is Like Dating

Choosing a discovery tool is like dating.

There are so many great options out there, but the hardest part is choosing just one–especially with the possibility that it won’t work out. None of us like the feeling of having wasted time.

So how do you go about selecting the right discovery tool?

The key is to spend some time getting to know your environment just like you need to know yourself before choosing someone to date. Don’t even start looking at tools until you know what data you actually need.

Now, you might retort, “I don’t know what’s in my environment, so how could I possibly know what data I need? Hence my need for a discovery tool.” If that’s the case, then let’s stick to the basics.

1. Choose a tool that provides the coverage you need

There’s nothing like dating someone who only wants to do one thing. Variety is the spice of life, just as it is with finding the right discovery tool.

Not every tool is able to get the data you’re looking for. Some only focus on certain operating systems like Windows or Mac. Others tend to focus on specific environments like desktops or the data center.

Again, what’s in your environment? Do you support Windows, Mac, or Linux? What hardware and software are you using in your data centers? And if you don’t have an answer about every single data center or location, that’s fine. Start with what you do know. Once you’ve done that, it’s time to look at vendors.

Line them up and compare what they can capture. Be sure to ask some of these questions along the way:

  • How do you collect data for [x]? Replace x with things like Windows, mobile devices, or servers, e.g., agent, API, database connection, etc.
  • How do you recognize installed software? For example, add/remove programs, registry keys, files, etc.
  • Are there any special network permissions or users that I need to gather this data?  For instance, sometimes administrator-level access is required when scanning Linux environments.

2. Choose a tool that normalizes the data

In dating, it’s important to find someone that speaks your language. By language, I mean your quirks, humor, seriousness, excitement, pain, etc.

IT data is no different. Each hardware manufacturer or software publisher has their own way of speaking. The key is to find a tool that can speak all those languages and convert them into one, easily consumable data feed.

For those of you who are new to this term, normalization is the process through which data is transformed to have a standard name, mapping structure, and classification. Basically, it’s a flexible rules engine that makes sure your data is really apples to apples. It’s no fun trying to make sense of data that hasn’t been normalized.

Some key questions:

  • Do you provide normalization rules out-of-the-box?
  • Can I change those rules to match the nomenclature in my environment?
  • Can I create my own rules and have them run against the sources I want?

3. Choose a tool that stores your data in one central database

There’s nothing like dating someone who brings an entire support group with them. You don’t want to have to deal with all the best friends and various family members. That’s not what you signed up for and the relationship should only be about you and your partner (at least in the beginning).

A central database makes your life so much easier! It’s the one source of truth that you can go to and rely on when doing analysis. This database should maintain an ongoing repository and keep track of changes for historical analysis.

Ask questions like:

  • Does your tool require integration with other discovery tools?
  • Is the data easily accessible or do I have to go to multiple places to get it?
  • How is the data stored in this database?
  • Does it keep track of changes over time?
  • What reconciliation processes are used to store the data and minimize duplication?

By going through these three basic steps, I hope I was able to provide some advice in selecting the right discovery tool; maybe even some dating advice along the way.

Another great resource to use in this selection process is the recent Info-Tech Report on the IT Asset Management Vendor Landscape. Check it out below!

InfoTech-blogbanner